Press Releases: March 2013

EFF Urges Appeals Court to Protect the Rights of TV Innovators

San Francisco - The Electronic Frontier Foundation (EFF) urged a federal appeals court Friday to protect the rights of start-up innovators working to improve TV viewing and other entertainment experiences, arguing that big content companies should not be allowed to block add-on technology with baseless copyright claims.

At issue in the 9th U.S. Circuit Court of Appeals is whether TV networks can shut down a TV streaming service called Aereokiller, which sends over-the-air television signals to users' personal computing devices. The networks claim that Aereokiller violates copyright by retransmitting their signals. In the amicus brief filed Friday, EFF asks the court to look to recent court rulings that have blocked TV networks' various attempts to quash new products and constrict viewers' rights.

"Many of the services that Hollywood is trying to shut down are simply conceptually moving the antenna that used to be on your roof to their roof," said EFF Staff Attorney Mitch Stoltz. "TV viewers have a right to choose when and how they watch free TV – and courts have recognized that. Networks can't block consumer choices just because they didn't think of it first and want a cut of the profits from someone else's idea."

"This isn't just about the products and services that are being developed today," said Stoltz. "It's about what innovators could come up with tomorrow, if they aren't discouraged by TV networks trying to claim copyright infringement when it just doesn't apply. We're asking the court here to prevent Hollywood from twisting the law at the expense of viewers' customary rights."

Sacramento - Senator Mark Leno today announced the introduction of groundbreaking new legislation that protects email privacy. Senate Bill 467, sponsored by the Electronic Frontier Foundation (EFF), requires state law enforcement agencies to obtain a warrant before asking service providers to hand over a private citizen's emails.

"No law enforcement agency could obtain someone's mail or letters that were delivered to their home without first securing a search warrant, but that same protection is surprisingly not extended to our digital life," said Senator Leno, D-San Francisco. "Both state and federal privacy laws have failed to keep up with the modern electronic age, and government agencies are frequently able to access sensitive and personal information, including email, without adequate oversight. SB 467 repairs the existing holes in California's digital protection laws, ensuring that electronic communications can only be accessed by law enforcement with a warrant."

EFF has long been concerned with law enforcement claims that investigators do not need a search warrant to obtain any email that has been opened or has been stored on a server for 180 days. The U.S. Department of Justice's Office of Legal Policy recently announced it would support changes to federal law that would require a warrant in such cases. While this is a step in the right direction, updated state laws are still needed in order to protect consumers and the email services they use.

"California, the home of many technology companies, should be a leader in protecting the privacy of people's electronic communications," said EFF Staff Attorney Hanni Fakhoury. "Many of the state's technology companies have already indicated that they require a search warrant before disclosing the contents of communications. With SB 467, the warrant requirement becomes the status quo for all electronic communication providers and all law enforcement agencies across the state. We're happy to work with Senator Leno in ensuring our privacy protections keep up with the rapid changes in technology."

The bill is also supported by the ACLU of California.

"Californians shouldn't have to choose between using modern technology and protecting their privacy," said Nicole Ozer, Technology & Civil Liberties Policy Director of the ACLU of California. "SB 467 would ensure that content stored in the cloud receives the same level of protection as content stored on a laptop or in a desk drawer."

Hacker Who Revealed Security Flaw in AT&T Servers Sentenced to 3.5 Years in Prison

San Francisco - Andrew "Weev" Auernheimer today was sentenced to 41 months in federal prison for revealing to media outlets that AT&T had configured its servers to allow the harvesting of iPad owners' unsecured email addresses. The Electronic Frontier Foundation (EFF) is joining Auernheimer's legal team to litigate his appeal before the Third Circuit Court of Appeals, arguing that fundamental problems with computer crime law result in unfair prison sentences like the one in this case.

In 2010, Auernheimer's co-defendant Daniel Spitler discovered that AT&T deliberately configured its servers so that when they were queried with a number that matched an iPad's SIM card identifier, AT&T would reveal the email address of the iPad's owner. Spitler wrote a script that used the security hole to collect roughly 120,000 email addresses. Then Auernheimer sent a list of the email addresses to several journalists to spotlight the security problem. AT&T subsequently fixed the vulnerability.

The government charged Spitler and Auernheimer with conspiracy to violate the federal Computer Fraud and Abuse Act (CFAA) and identity theft law. Spitler reached a plea deal with the government in June 2011. In November, Auernheimer was convicted of two felonies after Spitler testified against him.

"Weev is facing more than three years in prison because he pointed out that a company failed to protect its users' data, even though his actions didn't harm anyone," EFF Senior Staff Attorney Marcia Hofmann said. "The punishments for computer crimes are seriously off-kilter, and Congress needs to fix them."

EFF has long criticized the CFAA for its vague language, broad sweep, and heavy penalties. Since the tragic death of programmer and Internet activist Aaron Swartz in January, EFF has redoubled its efforts to reform the law.

"Weev's case shows just how problematic the Computer Fraud and Abuse Act is," EFF Staff Attorney Hanni Fakhoury said. "We look forward to reversing the trial court's decision on appeal. In the meantime, Congress should amend the CFAA to make sure we don't have more Aaron Swartzs and Andrew Auernheimers in the future."

Other attorneys on Auernheimer's appellate team are Tor Ekeland and Mark H. Jaffe of Tor Ekeland P.C., Nace Naumoski, and Professor Orin Kerr of the George Washington University Law School.

San Francisco - A federal district court judge in San Francisco has ruled that National Security Letter (NSL) provisions in federal law violate the Constitution. The decision came in a lawsuit challenging a NSL on behalf of an unnamed telecommunications company represented by the Electronic Frontier Foundation (EFF).

In the ruling publicly released today, Judge Susan Illston ordered that the Federal Bureau of Investigation (FBI) stop issuing NSLs and cease enforcing the gag provision in this or any other case. The landmark ruling is stayed for 90 days to allow the government to appeal.

"We are very pleased that the court recognized the fatal constitutional shortcomings of the NSL statute," said EFF Senior Staff Attorney Matt Zimmerman. "The government's gags have truncated the public debate on these controversial surveillance tools. Our client looks forward to the day when it can publicly discuss its experience."

The controversial NSL provisions EFF challenged on behalf of the unnamed client allow the FBI to issue administrative letters -- on its own authority and without court approval -- to telecommunications companies demanding information about their customers. The controversial provisions also permit the FBI to permanently gag service providers from revealing anything about the NSLs, including the fact that a demand was made, which prevents providers from notifying either their customers or the public. The limited judicial review provisions essentially write the courts out of the process.

In today's ruling, the court held that the gag order provisions of the statute violate the First Amendment and that the review procedures violate separation of powers. Because those provisions were not separable from the rest of the statute, the court declared the entire statute unconstitutional. In addressing the concerns of the service provider, the court noted: "Petitioner was adamant about its desire to speak publicly about the fact that it received the NSL at issue to further inform the ongoing public debate."

"The First Amendment prevents the government from silencing people and stopping them from criticizing its use of executive surveillance power," said EFF Legal Director Cindy Cohn. "The NSL statute has long been a concern of many Americans, and this small step should help restore balance between liberty and security."

EFF first brought this challenge on behalf of its client in May of 2011.

San Francisco - Fifteen years after Congress passed the Digital Millennium Copyright Act, and just as legislators and the public are debating the law's dangerous impact on consumers who want to unlock their cell phones, the evidence of much broader negative effects continues to mount. In its latest update to the comprehensive white paper, "Unintended Consequences: Fifteen Years Under the DMCA," the Electronic Frontier Foundation (EFF) catalogs how content owners have misused the DMCA to threaten fair use, free speech, research, competition and innovation.

EFF's research highlights how the DMCA's prohibition on "circumventing" digital rights management (DRM) and "other technical protection measures" has been used to intimidate scientists and inventors and stifle fair uses, harming both business and consumer interests. The latest update to the chronicle of DMCA overreach includes new case studies, including several that illustrate how the law impacts engineers working with video-game consoles.

"It is great to see the new awareness of the issues with cell phone unlocking, but phones are just the tip of the iceberg of problems the DMCA has created," EFF Intellectual Property Director Corynne McSherry said. "It kills aftermarkets, interferes with legitimate research, and squelches creativity in new media."

Highlights:

• In 2010, Sony sued a group of researchers, including hacker George Hotz (a.k.a. Geohot), who had helped expose security flaws in the Playstation 3 that would enable users to run Linux on their machines again — something Sony previously supported but then tried to prevent.

• In 2011, Sony threatened the Norway-based website Gitorious.org, an online collaborative space for the open-source community, when its users initiated projects involving the Playstation 3 console. Citing a lack of resources to fight Sony, Gitorious not only removed the projects, but it also blocked search requests for "playstation," "sony " and "ps3."

• In 2011, Activision threatened hacker Brandon Wilson when he published research on the workings of a scanning device that was part of one of the company's video games. Activision's claim that Wilson's research would allow users to unlock game content without purchase was unwarranted, but it nevertheless succeeded in pressuring Wilson to remove his research from his blog and to abandon his work on the project.

"Section 1201 has done a lot more harm than good," McSherry said. "It's long past time to fix it, or, even better, get rid of it altogether." Outraged users can go to http://fixthedmca.org/ to find out how they can help.

Contacts:

Prenda Law Firm attempts to silence critics DieTrollDie and FightCopyrightTrolls

San Francisco - The Electronic Frontier Foundation (EFF) is joining with attorney Charles Lee Mudd Jr. to represent two blogs caught up in a bizarre lawsuit filed by Paul Duffy and Prenda Law LLC, Duffy's copyright troll law firm.

Copyright trolls try to make money by suing Internet users under various copyright laws. Their tactics include targeting large groups of anonymous "John Doe" defendants for downloading files on BitTorrent, seeking their identities, and exploiting the massive damages in copyright law in order to pressure defendants into settling quickly.

Duffy and his firm's tactics are frequent subjects of criticism on FightCopyrightTrolls (fightcopyrighttrolls.com) and DieTrollDie (dietrolldie.com), two watchdog blogs maintained by anonymous authors.

Late last month, Duffy and Prenda Law filed two separate defamation lawsuits in Illinois state court, which have since been removed to federal courts in the Northern and Southern districts of Illinois. The complaints claim the bloggers and their commenters defamed Duffy and his firm, despite the free speech protections guaranteed by the First Amendment.

"These lawsuits are a blatant attempt to abuse the legal process to punish critics," said EFF Staff Attorney Mitch Stoltz.

Immediately after filing the suits, Duffy served a subpoena on Automattic Inc., the company that owns the Wordpress blogging platform. The subpoena seeks the IP addresses of everyone who ever visited the two websites, threatening the privacy of the bloggers and their readers. On Friday, Automattic rejected the subpoena in a letter to Duffy, calling it "legally deficient and objectionable" and a violation of the First Amendment right to speak anonymously.

"Not only is the subpoena improper under the First Amendment, it fails to comply with the simple rules for pre-trial discovery," EFF Staff Attorney Nate Cardozo added.

Automattic has stated unequivocally that it will not turn over any information until the bloggers' challenge to the lawsuit has played out in court. In order to protect this right to anonymity, EFF and the Mudd Law Office will not publicly release the names of their clients in this suit.

"Critics of the copyright troll business model have the right to speak anonymously without their identities being exposed to the trolls," said Kurt Opsahl, EFF Senior Staff Attorney. "These sweeping subpoenas create a chilling effect among those who have spoken out against Prenda."

Notorious copyright troll John Steele previously filed a similar lawsuit against the two blogs but dropped the suit last week without explanation.